Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

firefox infected

 
Post new topic   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Help with spyware removal
View previous topic :: View next topic  
Author Message
acapella
Warrior


Joined: 15 Feb 2005
Last Visit: 02 Dec 2016
Posts: 53

PostPosted: Fri Dec 02, 2016 12:43 pm    Post subject: firefox infected Reply with quote

I apparently inadvertently downloaded a virus into firefox. please help.
logs:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18523
Run by Robert at 15:39:40 on 2016-12-02
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.5110.3475 [GMT -5:00]
.
AV: AVG Internet Security 2015 *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2015 *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2015 *Disabled* {757AB44A-78C2-7D1A-E37F-CA42A037B368}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Users\Robert\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\CCleaner\CCleaner64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\msiexec.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mWinlogon: Userinit = userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
uRun: [BingSvc] C:\Users\Robert\AppData\Local\Microsoft\BingSvc\BingSvc.exe
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\Users\Robert\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ACTIVC~1.LNK - C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: NameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{FA2FBC53-7E7E-4910-9600-50436939C0A8} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
x64-Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2015-5-12 253408]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2015-5-7 378336]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2015-7-28 245680]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2015-3-20 40928]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2015-3-11 162784]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2015-4-14 77760]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2015-7-28 312752]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2015-6-16 259040]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2015-5-12 281568]
R2 ac.sharedstore;ActivIdentity Shared Store Service;C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2013-6-13 278288]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
R3 VST64_DPV;VST64_DPV;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
R3 VST64HWBS2;VST64HWBS2;C:\Windows\System32\drivers\VSTBS26.SYS [2009-7-13 411136]
S2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2015-7-28 1630672]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2015-7-28 3719592]
S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-7-28 356888]
S3 GKUPRO2D;GKUPRO2D;C:\Windows\System32\drivers\GKUPRO2D.sys [2012-11-5 120320]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2016-11-14 114688]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2015-8-5 16056]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-8-5 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2015-8-7 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
.
=============== Created Last 30 ================
.
2016-12-02 19:42:21 11781064 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0A2642FA-247D-4900-82E6-0CDE2B533B78}\mpengine.dll
.
==================== Find3M ====================
.
2016-11-08 22:29:59 796352 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-11-08 22:29:59 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-11-02 15:36:15 382696 ----a-w- C:\Windows\System32\atmfd.dll
2016-11-02 15:32:08 41472 ----a-w- C:\Windows\System32\lpk.dll
2016-11-02 15:32:05 100864 ----a-w- C:\Windows\System32\fontsub.dll
2016-11-02 15:32:03 14336 ----a-w- C:\Windows\System32\dciman32.dll
2016-11-02 15:32:01 46080 ----a-w- C:\Windows\System32\atmlib.dll
2016-11-02 15:22:36 308456 ----a-w- C:\Windows\SysWow64\atmfd.dll
2016-11-02 15:16:31 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
2016-11-02 15:16:15 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2016-11-02 15:16:14 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2016-11-02 14:53:37 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2016-10-27 19:13:51 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2016-10-27 19:13:36 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2016-10-27 18:55:20 66560 ----a-w- C:\Windows\System32\iesetup.dll
2016-10-27 18:54:13 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2016-10-27 18:54:04 417792 ----a-w- C:\Windows\System32\html.iec
2016-10-27 18:53:35 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2016-10-27 18:53:20 576000 ----a-w- C:\Windows\System32\vbscript.dll
2016-10-27 18:37:41 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2016-10-27 18:37:40 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2016-10-27 18:37:18 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2016-10-27 18:28:32 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2016-10-27 18:19:40 6047744 ----a-w- C:\Windows\System32\jscript9.dll
2016-10-27 18:15:42 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2016-10-27 17:44:44 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2016-10-27 17:44:24 2131456 ----a-w- C:\Windows\System32\inetcpl.cpl
2016-10-27 17:16:51 2920448 ----a-w- C:\Windows\System32\wininet.dll
2016-10-26 21:29:06 485032 ------w- C:\Windows\System32\MpSigStub.exe
2016-10-25 15:02:34 3219456 ----a-w- C:\Windows\System32\win32k.sys
2016-10-22 17:54:16 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2016-10-22 17:36:58 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2016-10-22 17:36:02 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2016-10-22 17:35:55 498688 ----a-w- C:\Windows\SysWow64\vbscript.dll
2016-10-22 17:35:40 341504 ----a-w- C:\Windows\SysWow64\html.iec
2016-10-22 17:34:30 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2016-10-22 17:21:34 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2016-10-22 17:20:58 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2016-10-22 17:04:17 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2016-10-22 16:44:04 4608000 ----a-w- C:\Windows\SysWow64\jscript9.dll
2016-10-22 16:43:36 2055680 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2016-10-22 16:43:09 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2016-10-22 16:12:44 2444800 ----a-w- C:\Windows\SysWow64\wininet.dll
2016-10-15 15:31:21 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2016-10-15 15:31:21 84480 ----a-w- C:\Windows\System32\INETRES.dll
2016-10-15 15:13:55 84480 ----a-w- C:\Windows\SysWow64\INETRES.dll
2016-10-15 15:13:55 741888 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2016-10-11 15:37:23 370920 ----a-w- C:\Windows\System32\clfs.sys
2016-10-11 15:31:58 1068544 ----a-w- C:\Windows\System32\msctf.dll
2016-10-11 15:31:56 878080 ----a-w- C:\Windows\System32\IMJP10K.DLL
2016-10-11 15:31:56 457216 ----a-w- C:\Windows\System32\imkr80.ime
2016-10-11 15:31:56 176128 ----a-w- C:\Windows\System32\tintlgnt.ime
2016-10-11 15:31:56 175104 ----a-w- C:\Windows\System32\quick.ime
2016-10-11 15:31:56 175104 ----a-w- C:\Windows\System32\qintlgnt.ime
2016-10-11 15:31:56 175104 ----a-w- C:\Windows\System32\phon.ime
2016-10-11 15:31:56 175104 ----a-w- C:\Windows\System32\cintlgnt.ime
2016-10-11 15:31:56 175104 ----a-w- C:\Windows\System32\chajei.ime
2016-10-11 15:31:56 132608 ----a-w- C:\Windows\System32\pintlgnt.ime
2016-10-11 15:31:56 1148416 ----a-w- C:\Windows\System32\IMJP10.IME
2016-10-11 15:31:55 246784 ----a-w- C:\Windows\System32\input.dll
2016-10-11 15:18:29 829952 ----a-w- C:\Windows\SysWow64\msctf.dll
2016-10-11 15:18:26 90112 ----a-w- C:\Windows\SysWow64\pintlgnt.ime
2016-10-11 15:18:26 701440 ----a-w- C:\Windows\SysWow64\IMJP10K.DLL
2016-10-11 15:18:26 430080 ----a-w- C:\Windows\SysWow64\imkr80.ime
2016-10-11 15:18:26 126976 ----a-w- C:\Windows\SysWow64\tintlgnt.ime
2016-10-11 15:18:26 125952 ----a-w- C:\Windows\SysWow64\quick.ime
2016-10-11 15:18:26 125952 ----a-w- C:\Windows\SysWow64\qintlgnt.ime
2016-10-11 15:18:26 125952 ----a-w- C:\Windows\SysWow64\phon.ime
2016-10-11 15:18:26 125952 ----a-w- C:\Windows\SysWow64\cintlgnt.ime
2016-10-11 15:18:26 125952 ----a-w- C:\Windows\SysWow64\chajei.ime
2016-10-11 15:18:26 1027584 ----a-w- C:\Windows\SysWow64\IMJP10.IME
2016-10-11 15:18:24 202240 ----a-w- C:\Windows\SysWow64\input.dll
2016-10-11 13:33:27 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2016-10-11 13:06:22 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
2016-10-10 15:38:43 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2016-10-10 15:38:43 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2016-10-10 15:34:02 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2016-10-10 15:34:02 210432 ----a-w- C:\Windows\System32\wdigest.dll
2016-10-10 15:34:01 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2016-10-10 15:34:01 135680 ----a-w- C:\Windows\System32\sspicli.dll
2016-10-10 15:16:24 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2016-10-10 15:02:54 64000 ----a-w- C:\Windows\System32\auditpol.exe
2016-10-10 14:56:18 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2016-10-10 14:55:44 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2016-10-10 14:55:42 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2016-10-10 14:55:00 30720 ----a-w- C:\Windows\System32\lsass.exe
2016-10-10 14:54:24 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2016-10-10 14:50:02 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2016-10-07 15:40:23 631176 ----a-w- C:\Windows\System32\winresume.efi
2016-10-07 15:37:30 706792 ----a-w- C:\Windows\System32\winload.efi
2016-10-07 15:37:29 5547752 ----a-w- C:\Windows\System32\ntoskrnl.exe
2016-10-07 15:35:29 1732864 ----a-w- C:\Windows\System32\ntdll.dll
2016-10-07 15:18:11 3944680 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2016-10-07 15:18:10 4000488 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2016-10-07 15:15:47 1314112 ----a-w- C:\Windows\SysWow64\ntdll.dll
2016-10-07 15:04:53 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2016-10-07 15:04:51 62464 ----a-w- C:\Windows\System32\drivers\appid.sys
2016-10-07 15:04:49 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2016-10-07 15:01:04 338432 ----a-w- C:\Windows\System32\conhost.exe
2016-10-07 15:00:12 296960 ----a-w- C:\Windows\Security Update for Microsoft Office 2010 (KB2881029) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2956063) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2956073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3054984) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3085528) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3101520) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3114400) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3115120) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3118309) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB3114885) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB3118313) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB3118378) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2817478) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB3114872) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2999465) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB3127953) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2999508) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
Update for Microsoft Office 2010 (KB2791057) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2881030) 32-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition
Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition
Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition
Update for Microsoft Office 2010 (KB3114555) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2965297) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2760779) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB3114756) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
12/2/2016 3:23:53 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AVG WatchDog service to connect.
12/2/2016 3:23:53 PM, Error: Service Control Manager [7000] - The AVG WatchDog service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/2/2016 3:18:02 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-1Cool from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
12/2/2016 3:17:02 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AVGIDSAgent service to connect.
12/2/2016 3:17:02 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AVG Firewall service to connect.
12/2/2016 3:17:02 PM, Error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/2/2016 3:17:02 PM, Error: Service Control Manager [7000] - The AVG Firewall service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
\rstrui.exe
.
============= FINISH: 15:40:08.06 ===============
Back to top
View user's profile Send private message
random/random
Expert Developer


Joined: 23 Dec 2005
Last Visit: 10 Oct 2017
Posts: 1076

PostPosted: Sat Dec 03, 2016 9:05 am    Post subject: Reply with quote

Hi,

Please download FRST64.exe ... by Farbar. Save it to your desktop.

  1. Double-click to run it. When the tool opens click Yes to disclaimer.
  2. Press Scan button. ... A log will be created FRST.txt in the same directory the tool is run.
  3. Please copy/paste FRST.txt in to your reply.
    The first time the tool is run, it also makes another log... Addition.txt.
  4. Please copy/paste Addition.txt in your reply.


Note that you may need multiple replies to post the logs in their entirety.

Can you be more specific about what makes you think you downloaded a virus into firefox?
_________________
Expert/Developer at Malware Removal University
My help is free, but please consider a donation to help with the running costs of this site.
Back to top
View user's profile Send private message
random/random
Expert Developer


Joined: 23 Dec 2005
Last Visit: 10 Oct 2017
Posts: 1076

PostPosted: Tue Dec 06, 2016 5:52 am    Post subject: Reply with quote

Hi,

Do you still need help?
_________________
Expert/Developer at Malware Removal University
My help is free, but please consider a donation to help with the running costs of this site.
Back to top
View user's profile Send private message
random/random
Expert Developer


Joined: 23 Dec 2005
Last Visit: 10 Oct 2017
Posts: 1076

PostPosted: Wed Dec 07, 2016 11:44 am    Post subject: Reply with quote

Quote:
Due to lack of response this topic is now closed.

If you still need help you must open a new thread in the Help with Spyware Removal forum, post a new log, and wait for a new helper.

If you have been helped and wish to donate to help with the costs of this volunteer site, please read Spyware Warrior Donations

random/random

_________________
Expert/Developer at Malware Removal University
My help is free, but please consider a donation to help with the running costs of this site.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Help with spyware removal All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group